IT Security Analyst Ft/Days

BASIC PURPOSE OF THE JOB

Plans, installs, maintains, and supports the security of the hospital's internal and external networks, related network systems, services and applications. Develops and maintains the hospital Payment Card Industry program, HIPAA compliance and remediation efforts and the Privacy and Security software application(s). Maintains accurate and thorough security documents, policies, and procedures. Troubleshoots and ensures optimization of the hospital's security posture.

REPORTS TO

• I.T. Security Officer

JOB REQUIREMENTS

Supervisory Responsibilities: NO

Minimum Education: Bachelors

Degree: Information Systems networking or security or related field preferred

License/Certification Required: None

Minimum Work Experience: 2-5 or more years of experience required; expereience in local and wide area networks preferred. Bachelors Degree with equivalent work experience will be considered.

REQUIRED KNOWLEDGE, SKILLS, AND ABILITIES

• Strong customer service orientation and team-oriented, collaborative skills required.

• Project management skills are a must.

• Ability to prioritize and execute tasks efficiently and effectively in high-pressure environment.

• Excellent communication skills and proficient in computer applications and systems.

DUTIES AND RESPONSIBILITIES

• Analyzes and resolves network security problems for established networks accurately and in a timely manner.

• Plans, tests, recommends, and implements network, file server and workstation hardware and software security protocols and applications and assists the Network/Security Manager to effectively plan for, install, configure and maintain security infrastructure systems such as the Payment Card Industry (PCI) Program, HIPPAA program and remediation, the Haystack HIPAA Privacy and Security application and all other network security related applications.

• Works with the Network Analyst to correctly install, configure and maintain network security components including routers, switches, and UPSs as required,as well as Monitoring and analyzing network security performance for weak points and potential breaches across the organization's LANs, WANs, and wireless deployments. Reports any issues to the Network/Systems Manager and the Chief Information Officer (CIO). Ensures system uptime and performance.

• Provides accurate network security documentation, serves as a resource to hospital staff and leadership regarding networking security policies, procedures, and issues, and accurately documents current workflow, security networking procedures, and relevant diagrams as required.

• Establishes user profiles, user environments, directories, and security for networks being installed, and monitors and updates on a regular basis, while performing accurate and thorough server and security audits on a regular basis.

• Provides support for a program, organization, system, or enclave's information assurance program, and also provides support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.

• Evaluate security solutions to ensure they meet security requirements, performing vulnerability/risk assessment analysis to support continuous monitoring and accreditation efforts.

• Maintains operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed.

• Provides configuration management (CM) for information system security software, hardware, and firmware.

• Troubleshoots and ensures optimization of the hospital's security posture.

• Manages changes to system and assesses the security impact of those changes.

• Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Assessment and Authorization (A&A) packages, and System Requirements Traceability Matrices (SRTMs)

• Supports security authorization activities in complains with NIST and/or DoED/FSA processes.

• Fosters mature professional relationships with fellow employees in a courteous, friendly, manner as measured by management observation and peer input, and consults and collaborates with users throughout the hospital and accurately evaluates requirements for identified needs. Effectively plans projects and coordinates tasks for implementation of data networks based on consultation to effectively meet user needs.

• Utilizes hospital resources and time respectfully and accountably and willingly accepts any other assignment that may be requested.

PHYSICAL REQUIREMENTS-Note: Reasonable accommodations may be made for individuals with disabilities to perform the essential functions of this position.

• Medium lifting, pushing and pulling is required for 20-50 lbs occasionally, 10-20 lbs frequently and 100 lbs constantly to move objects. Sudden emergency situations have the potential for exposure to lifting or moving up to 100 lbs. Frequent bending, walking, sitting, squatting, reaching, and standing are required. Keyboard/computer use and/or repetitive motions may be required.

Come work where you can make a difference everyday.